Back to search
CVE-2008-3743
Published: Aug 27, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH elements.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=459108
x_refsource_CONFIRM
30689
vdb-entry
x_refsource_BID
drupal-ahah-csrf(44453)
vdb-entry
x_refsource_XF
31825
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2392
vdb-entry
x_refsource_VUPEN
FEDORA-2008-7626
vendor-advisory
x_refsource_FEDORA
http://drupal.org/node/295053
x_refsource_CONFIRM
FEDORA-2008-7467
vendor-advisory
x_refsource_FEDORA
31462
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now